A database of over 150 million usernames and passwords of Under Armour’s super popular MyFitnessPal app has been hacked. Under Armour says an “unauthorized party” gained information to usernames and email addresses, but not payment details.
Under Armour is working with leading data security firms to assist in its investigation, and also coordinating with law enforcement authorities. The investigation indicates that the affected information included usernames, email addresses, and hashed passwords — the majority with the hashing function called bcrypt used to secure passwords.
Cybercriminals are going to use this to scare you into clicking on phishing emails and infect your computer with malware or manipulate you into giving out personal information.
If you receive an email that claims your personal MyFitnessPal information has been hacked, and that you need to click on links to change your password or open attachments to find out how to protect yourself, be very careful.
Do not click on links, do not open attachments, and if there is a reference to a website with more information, type the web address in your browser.
Under Armour will require MyFitnessPal users to change their password and is “urging users to do so immediately. The company is also encouraging users to review their accounts for suspicious activity and be cautious of any unsolicited messages asking for personal information.